Automatic commit of package [smeserver-letsencrypt-client] release [0.2.9-1].

Created by command: /usr/bin/tito tag
Use RSA instead of EC as it's not working on EL6
2021-09-30 20:22:12 +02:00 · 2021-09-30 20:21:50 +02:00 · 2021-09-30 20:00:51 +02:00 · 2021-09-30 20:00:39 +02:00 · 2021-09-30 19:44:04 +02:00 · 2021-09-30 19:43:44 +02:00
13 changed files with 46 additions and 13 deletions
--- a/.tito/packages/.readme
+++ b/.tito/packages/.readme
@ -0,0 +1,3 @@
+the .tito/packages directory contains metadata files
+named after their packages. Each file has the latest tagged
+version and the project's relative directory.
--- a/.tito/packages/smeserver-letsencrypt-client
+++ b/.tito/packages/smeserver-letsencrypt-client
@ -0,0 +1 @@
+0.2.9-1 ./
--- a/.tito/releasers.conf
+++ b/.tito/releasers.conf
@ -0,0 +1 @@
+../../tito_libs/releasers.conf
--- a/.tito/tito.props
+++ b/.tito/tito.props
@ -0,0 +1,6 @@
+[buildconfig]
+builder = tito.builder.Builder
+tagger = tito.tagger.VersionTagger
+changelog_do_not_remove_cherrypick = 0
+changelog_format = %s (%ae)
+lib_dir = ../tito_libs
--- a/root/etc/e-smith/templates/etc/dehydrated/config/10Uri
+++ b/root/etc/e-smith/templates/etc/dehydrated/config/10Uri
@ -8,7 +8,7 @@ elsif ($uri =~ m/^(test(ing)?)|staging$/){
  $OUT .= "CA=https://acme-staging.api.letsencrypt.org/directory\n";
 }
 elsif ($uri =~ m/^prod/){
-  $OUT .= "CA=https://acme-v01.api.letsencrypt.org/directory\n";
+  $OUT .= "CA=https://acme-v02.api.letsencrypt.org/directory\n";
 }

 }
--- a/root/etc/e-smith/templates/etc/dehydrated/config/45Algo
+++ b/root/etc/e-smith/templates/etc/dehydrated/config/45Algo
@ -0,0 +1 @@
+KEY_ALGO=rsa
--- a/root/etc/e-smith/templates/etc/dehydrated/config/70PreferredRoot
+++ b/root/etc/e-smith/templates/etc/dehydrated/config/70PreferredRoot
@ -0,0 +1 @@
+PREFERRED_CHAIN="issuer= /C=US/O=Internet Security Research Group/CN=ISRG Root X1"
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/80Letsencrypt
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/Ejabberd/80Letsencrypt
@ -1,5 +1,5 @@
 {
-  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled' && ((${'httpd-e-smith'}{'TCPPort'} || '80') eq $port)){
+  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled'){
    $OUT .=<<"_EOF";
    Alias /.well-known/acme-challenge/ /var/lib/dehydrated/challenges/
    <Location /.well-known/acme-challenge/>
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/LemonLDAPManager/80Letsencrypt
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/LemonLDAPManager/80Letsencrypt
@ -1,5 +1,5 @@
 {
-  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled' && ((${'httpd-e-smith'}{'TCPPort'} || '80') eq $port)){
+  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled'){
    $OUT .=<<"_EOF";
    Alias /.well-known/acme-challenge/ /var/lib/dehydrated/challenges/
    <Location /.well-known/acme-challenge/>
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/LemonLDAPPortal/80Letsencrypt
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/LemonLDAPPortal/80Letsencrypt
@ -1,5 +1,5 @@
 {
-  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled' && ((${'httpd-e-smith'}{'TCPPort'} || '80') eq $port)){
+  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled'){
    $OUT .=<<"_EOF";
    Alias /.well-known/acme-challenge/ /var/lib/dehydrated/challenges/
    <Location /.well-known/acme-challenge/>
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/LemonLDAPSoap/80Letsencrypt
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/LemonLDAPSoap/80Letsencrypt
@ -1,5 +1,5 @@
 {
-  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled' && ((${'httpd-e-smith'}{'TCPPort'} || '80') eq $port)){
+  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled'){
    $OUT .=<<"_EOF";
    Alias /.well-known/acme-challenge/ /var/lib/dehydrated/challenges/
    <Location /.well-known/acme-challenge/>
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/80Letsencrypt
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/80Letsencrypt
@ -1,5 +1,5 @@
 {
-  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled' && ((${'httpd-e-smith'}{'TCPPort'} || '80') eq $port)){
+  if (($domain->prop('Letsencrypt') || 'enabled') ne 'disabled'){
    $OUT .=<<"_EOF";
    Alias /.well-known/acme-challenge/ /var/lib/dehydrated/challenges/
    <Location /.well-known/acme-challenge/>
--- a/smeserver-letsencrypt-client.spec
+++ b/smeserver-letsencrypt-client.spec
@ -1,11 +1,7 @@
-%define version 0.2.3
-%define release 1
-%define name smeserver-letsencrypt-client
-
 Summary: Let's Encrypt client for SME Server based on dehydrated
-Name: %{name}
-Version: %{version}
-Release: %{release}%{?dist}
+Name: smeserver-letsencrypt-client
+Version: 0.2.9
+Release: 1%{?dist}
 License: GPL
 Group: Applications/System
 Source: %{name}-%{version}.tar.gz
@ -22,6 +18,30 @@ Automatically get certificates from letsencrypt
 Using https://github.com/lukas2511/dehydrated

 %changelog
+* Thu Sep 30 2021 Daniel Berteaud <daniel@firewall-services.com> 0.2.9-1
+- Use RSA instead of EC as it's not working on EL6 (daniel@firewall-
+  services.com)
+
+* Thu Sep 30 2021 Daniel Berteaud <daniel@firewall-services.com> 0.2.8-1
+- Fix chain selection on el6 (daniel@firewall-services.com)
+
+* Thu Sep 30 2021 Daniel Berteaud <daniel@firewall-services.com> 0.2.7-1
+- Specify ISRG X1 as preferred chain (daniel@firewall-services.com)
+
+* Fri Oct 23 2020 Daniel Berteaud <daniel@firewall-services.com> 0.2.6-1
+- Don't restrict ACME challenges to the clear text vhost (daniel@firewall-
+  services.com)
+- Cleanup spec file for tito (daniel@firewall-services.com)
+
+* Wed Jul 15 2020 Daniel Berteaud <daniel@firewall-services.com> 0.2.5-1
+- Bump version
+
+* Wed Jul 15 2020 Daniel Berteaud <daniel@firewall-services.com> 0.2.4-1
+- Build with tito
+- Switch to the v02 API
+* Thu May 4 2017 Daniel Berteaud <daniel@firewall-services.com> - 0.2.4-1.sme
+- Expand cron file in bootstarp-cnsole-save
+
 * Wed Mar 15 2017 Daniel Berteaud <daniel@firewall-services.com> - 0.2.3-1.sme
 - Set default Uri to prod
Author	SHA1	Message	Date
Daniel Berteaud	39308ce37d	Automatic commit of package [smeserver-letsencrypt-client] release [0.2.9-1]. Created by command: /usr/bin/tito tag	2021-09-30 20:22:12 +02:00
Daniel Berteaud	0a7064d42b	Use RSA instead of EC as it's not working on EL6	2021-09-30 20:21:50 +02:00
Daniel Berteaud	120f1a86ea	Automatic commit of package [smeserver-letsencrypt-client] release [0.2.8-1]. Created by command: /usr/bin/tito tag	2021-09-30 20:00:51 +02:00
Daniel Berteaud	397fa60813	Fix chain selection on el6	2021-09-30 20:00:39 +02:00
Daniel Berteaud	85837641f2	Automatic commit of package [smeserver-letsencrypt-client] release [0.2.7-1]. Created by command: /usr/bin/tito tag	2021-09-30 19:44:04 +02:00
Daniel Berteaud	68f8f037be	Specify ISRG X1 as preferred chain	2021-09-30 19:43:44 +02:00
Daniel Berteaud	fdc1672b7e	Automatic commit of package [smeserver-letsencrypt-client] release [0.2.6-1]. Created by command: /usr/bin/tito tag	2020-10-23 14:51:17 +02:00
Daniel Berteaud	8dfda4711e	Don't restrict ACME challenges to the clear text vhost There are cases (like when running behind a proxypass) where it's also needed on the SSL vhost	2020-10-23 14:50:40 +02:00
Daniel Berteaud	cc2d9e31fd	Cleanup spec file for tito	2020-10-23 14:48:25 +02:00
Daniel Berteaud	2b5f6dafe3	Automatic commit of package [smeserver-letsencrypt-client] release [0.2.5-1]. Created by command: /usr/bin/tito tag --use-version 0.2.5	2020-07-15 10:04:06 +02:00
Daniel Berteaud	b3dfeb0a78	Automatic commit of package [smeserver-letsencrypt-client] release [0.2.4-1]. Created by command: /usr/bin/tito tag	2020-07-15 09:31:50 +02:00
Daniel Berteaud	b336b895d1	Configure tito	2020-07-15 09:31:22 +02:00
Daniel Berteaud	2f54ef1fe6	Initialized to use tito.	2020-07-15 09:30:10 +02:00
Daniel Berteaud	be54e7b798	Switch to the v2 API	2020-07-15 09:29:56 +02:00
Daniel Berteaud	451e36d58e	Spec file update	2017-05-04 16:20:18 +02:00
				`@ -0,0 +1 @@`
				`PREFERRED_CHAIN="issuer= /C=US/O=Internet Security Research Group/CN=ISRG Root X1"`